1 /* 2 * 3 * Intel Management Engine Interface (Intel MEI) Linux driver 4 * Copyright (c) 2003-2012, Intel Corporation. 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms and conditions of the GNU General Public License, 8 * version 2, as published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope it will be useful, but WITHOUT 11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 13 * more details. 14 * 15 */ 16 17 18 #include <linux/pci.h> 19 #include <linux/kthread.h> 20 #include <linux/interrupt.h> 21 #include <linux/fs.h> 22 #include <linux/jiffies.h> 23 24 #include "mei_dev.h" 25 #include <linux/mei.h> 26 #include "hw.h" 27 #include "interface.h" 28 29 30 /** 31 * mei_interrupt_quick_handler - The ISR of the MEI device 32 * 33 * @irq: The irq number 34 * @dev_id: pointer to the device structure 35 * 36 * returns irqreturn_t 37 */ 38 irqreturn_t mei_interrupt_quick_handler(int irq, void *dev_id) 39 { 40 struct mei_device *dev = (struct mei_device *) dev_id; 41 u32 csr_reg = mei_hcsr_read(dev); 42 43 if ((csr_reg & H_IS) != H_IS) 44 return IRQ_NONE; 45 46 /* clear H_IS bit in H_CSR */ 47 mei_reg_write(dev, H_CSR, csr_reg); 48 49 return IRQ_WAKE_THREAD; 50 } 51 52 /** 53 * _mei_cmpl - processes completed operation. 54 * 55 * @cl: private data of the file object. 56 * @cb_pos: callback block. 57 */ 58 static void _mei_cmpl(struct mei_cl *cl, struct mei_cl_cb *cb_pos) 59 { 60 if (cb_pos->major_file_operations == MEI_WRITE) { 61 mei_free_cb_private(cb_pos); 62 cb_pos = NULL; 63 cl->writing_state = MEI_WRITE_COMPLETE; 64 if (waitqueue_active(&cl->tx_wait)) 65 wake_up_interruptible(&cl->tx_wait); 66 67 } else if (cb_pos->major_file_operations == MEI_READ && 68 MEI_READING == cl->reading_state) { 69 cl->reading_state = MEI_READ_COMPLETE; 70 if (waitqueue_active(&cl->rx_wait)) 71 wake_up_interruptible(&cl->rx_wait); 72 73 } 74 } 75 76 /** 77 * _mei_cmpl_iamthif - processes completed iamthif operation. 78 * 79 * @dev: the device structure. 80 * @cb_pos: callback block. 81 */ 82 static void _mei_cmpl_iamthif(struct mei_device *dev, struct mei_cl_cb *cb_pos) 83 { 84 if (dev->iamthif_canceled != 1) { 85 dev->iamthif_state = MEI_IAMTHIF_READ_COMPLETE; 86 dev->iamthif_stall_timer = 0; 87 memcpy(cb_pos->response_buffer.data, 88 dev->iamthif_msg_buf, 89 dev->iamthif_msg_buf_index); 90 list_add_tail(&cb_pos->cb_list, 91 &dev->amthi_read_complete_list.mei_cb.cb_list); 92 dev_dbg(&dev->pdev->dev, "amthi read completed.\n"); 93 dev->iamthif_timer = jiffies; 94 dev_dbg(&dev->pdev->dev, "dev->iamthif_timer = %ld\n", 95 dev->iamthif_timer); 96 } else { 97 mei_run_next_iamthif_cmd(dev); 98 } 99 100 dev_dbg(&dev->pdev->dev, "completing amthi call back.\n"); 101 wake_up_interruptible(&dev->iamthif_cl.wait); 102 } 103 104 105 /** 106 * mei_irq_thread_read_amthi_message - bottom half read routine after ISR to 107 * handle the read amthi message data processing. 108 * 109 * @complete_list: An instance of our list structure 110 * @dev: the device structure 111 * @mei_hdr: header of amthi message 112 * 113 * returns 0 on success, <0 on failure. 114 */ 115 static int mei_irq_thread_read_amthi_message(struct mei_io_list *complete_list, 116 struct mei_device *dev, 117 struct mei_msg_hdr *mei_hdr) 118 { 119 struct mei_cl *cl; 120 struct mei_cl_cb *cb; 121 unsigned char *buffer; 122 123 BUG_ON(mei_hdr->me_addr != dev->iamthif_cl.me_client_id); 124 BUG_ON(dev->iamthif_state != MEI_IAMTHIF_READING); 125 126 buffer = dev->iamthif_msg_buf + dev->iamthif_msg_buf_index; 127 BUG_ON(dev->iamthif_mtu < dev->iamthif_msg_buf_index + mei_hdr->length); 128 129 mei_read_slots(dev, buffer, mei_hdr->length); 130 131 dev->iamthif_msg_buf_index += mei_hdr->length; 132 133 if (!mei_hdr->msg_complete) 134 return 0; 135 136 dev_dbg(&dev->pdev->dev, 137 "amthi_message_buffer_index =%d\n", 138 mei_hdr->length); 139 140 dev_dbg(&dev->pdev->dev, "completed amthi read.\n "); 141 if (!dev->iamthif_current_cb) 142 return -ENODEV; 143 144 cb = dev->iamthif_current_cb; 145 dev->iamthif_current_cb = NULL; 146 147 cl = (struct mei_cl *)cb->file_private; 148 if (!cl) 149 return -ENODEV; 150 151 dev->iamthif_stall_timer = 0; 152 cb->information = dev->iamthif_msg_buf_index; 153 cb->read_time = jiffies; 154 if (dev->iamthif_ioctl && cl == &dev->iamthif_cl) { 155 /* found the iamthif cb */ 156 dev_dbg(&dev->pdev->dev, "complete the amthi read cb.\n "); 157 dev_dbg(&dev->pdev->dev, "add the amthi read cb to complete.\n "); 158 list_add_tail(&cb->cb_list, 159 &complete_list->mei_cb.cb_list); 160 } 161 return 0; 162 } 163 164 /** 165 * _mei_irq_thread_state_ok - checks if mei header matches file private data 166 * 167 * @cl: private data of the file object 168 * @mei_hdr: header of mei client message 169 * 170 * returns !=0 if matches, 0 if no match. 171 */ 172 static int _mei_irq_thread_state_ok(struct mei_cl *cl, 173 struct mei_msg_hdr *mei_hdr) 174 { 175 return (cl->host_client_id == mei_hdr->host_addr && 176 cl->me_client_id == mei_hdr->me_addr && 177 cl->state == MEI_FILE_CONNECTED && 178 MEI_READ_COMPLETE != cl->reading_state); 179 } 180 181 /** 182 * mei_irq_thread_read_client_message - bottom half read routine after ISR to 183 * handle the read mei client message data processing. 184 * 185 * @complete_list: An instance of our list structure 186 * @dev: the device structure 187 * @mei_hdr: header of mei client message 188 * 189 * returns 0 on success, <0 on failure. 190 */ 191 static int mei_irq_thread_read_client_message(struct mei_io_list *complete_list, 192 struct mei_device *dev, 193 struct mei_msg_hdr *mei_hdr) 194 { 195 struct mei_cl *cl; 196 struct mei_cl_cb *cb_pos = NULL, *cb_next = NULL; 197 unsigned char *buffer = NULL; 198 199 dev_dbg(&dev->pdev->dev, "start client msg\n"); 200 if (list_empty(&dev->read_list.mei_cb.cb_list)) 201 goto quit; 202 203 list_for_each_entry_safe(cb_pos, cb_next, 204 &dev->read_list.mei_cb.cb_list, cb_list) { 205 cl = (struct mei_cl *)cb_pos->file_private; 206 if (cl && _mei_irq_thread_state_ok(cl, mei_hdr)) { 207 cl->reading_state = MEI_READING; 208 buffer = cb_pos->response_buffer.data + cb_pos->information; 209 210 if (cb_pos->response_buffer.size < 211 mei_hdr->length + cb_pos->information) { 212 dev_dbg(&dev->pdev->dev, "message overflow.\n"); 213 list_del(&cb_pos->cb_list); 214 return -ENOMEM; 215 } 216 if (buffer) 217 mei_read_slots(dev, buffer, mei_hdr->length); 218 219 cb_pos->information += mei_hdr->length; 220 if (mei_hdr->msg_complete) { 221 cl->status = 0; 222 list_del(&cb_pos->cb_list); 223 dev_dbg(&dev->pdev->dev, 224 "completed read host client = %d," 225 "ME client = %d, " 226 "data length = %lu\n", 227 cl->host_client_id, 228 cl->me_client_id, 229 cb_pos->information); 230 231 *(cb_pos->response_buffer.data + 232 cb_pos->information) = '\0'; 233 dev_dbg(&dev->pdev->dev, "cb_pos->res_buffer - %s\n", 234 cb_pos->response_buffer.data); 235 list_add_tail(&cb_pos->cb_list, 236 &complete_list->mei_cb.cb_list); 237 } 238 239 break; 240 } 241 242 } 243 244 quit: 245 dev_dbg(&dev->pdev->dev, "message read\n"); 246 if (!buffer) { 247 mei_read_slots(dev, dev->rd_msg_buf, mei_hdr->length); 248 dev_dbg(&dev->pdev->dev, "discarding message, header =%08x.\n", 249 *(u32 *) dev->rd_msg_buf); 250 } 251 252 return 0; 253 } 254 255 /** 256 * _mei_irq_thread_iamthif_read - prepares to read iamthif data. 257 * 258 * @dev: the device structure. 259 * @slots: free slots. 260 * 261 * returns 0, OK; otherwise, error. 262 */ 263 static int _mei_irq_thread_iamthif_read(struct mei_device *dev, s32 *slots) 264 { 265 266 if (((*slots) * sizeof(u32)) < (sizeof(struct mei_msg_hdr) 267 + sizeof(struct hbm_flow_control))) { 268 return -EMSGSIZE; 269 } 270 *slots -= mei_data2slots(sizeof(struct hbm_flow_control)); 271 if (mei_send_flow_control(dev, &dev->iamthif_cl)) { 272 dev_dbg(&dev->pdev->dev, "iamthif flow control failed\n"); 273 return -EIO; 274 } 275 276 dev_dbg(&dev->pdev->dev, "iamthif flow control success\n"); 277 dev->iamthif_state = MEI_IAMTHIF_READING; 278 dev->iamthif_flow_control_pending = false; 279 dev->iamthif_msg_buf_index = 0; 280 dev->iamthif_msg_buf_size = 0; 281 dev->iamthif_stall_timer = IAMTHIF_STALL_TIMER; 282 dev->mei_host_buffer_is_empty = mei_hbuf_is_empty(dev); 283 return 0; 284 } 285 286 /** 287 * _mei_irq_thread_close - processes close related operation. 288 * 289 * @dev: the device structure. 290 * @slots: free slots. 291 * @cb_pos: callback block. 292 * @cl: private data of the file object. 293 * @cmpl_list: complete list. 294 * 295 * returns 0, OK; otherwise, error. 296 */ 297 static int _mei_irq_thread_close(struct mei_device *dev, s32 *slots, 298 struct mei_cl_cb *cb_pos, 299 struct mei_cl *cl, 300 struct mei_io_list *cmpl_list) 301 { 302 if ((*slots * sizeof(u32)) < (sizeof(struct mei_msg_hdr) + 303 sizeof(struct hbm_client_disconnect_request))) 304 return -EBADMSG; 305 306 *slots -= mei_data2slots(sizeof(struct hbm_client_disconnect_request)); 307 308 if (mei_disconnect(dev, cl)) { 309 cl->status = 0; 310 cb_pos->information = 0; 311 list_move_tail(&cb_pos->cb_list, 312 &cmpl_list->mei_cb.cb_list); 313 return -EMSGSIZE; 314 } else { 315 cl->state = MEI_FILE_DISCONNECTING; 316 cl->status = 0; 317 cb_pos->information = 0; 318 list_move_tail(&cb_pos->cb_list, 319 &dev->ctrl_rd_list.mei_cb.cb_list); 320 cl->timer_count = MEI_CONNECT_TIMEOUT; 321 } 322 323 return 0; 324 } 325 326 /** 327 * is_treat_specially_client - checks if the message belongs 328 * to the file private data. 329 * 330 * @cl: private data of the file object 331 * @rs: connect response bus message 332 * 333 */ 334 static bool is_treat_specially_client(struct mei_cl *cl, 335 struct hbm_client_connect_response *rs) 336 { 337 338 if (cl->host_client_id == rs->host_addr && 339 cl->me_client_id == rs->me_addr) { 340 if (!rs->status) { 341 cl->state = MEI_FILE_CONNECTED; 342 cl->status = 0; 343 344 } else { 345 cl->state = MEI_FILE_DISCONNECTED; 346 cl->status = -ENODEV; 347 } 348 cl->timer_count = 0; 349 350 return true; 351 } 352 return false; 353 } 354 355 /** 356 * mei_client_connect_response - connects to response irq routine 357 * 358 * @dev: the device structure 359 * @rs: connect response bus message 360 */ 361 static void mei_client_connect_response(struct mei_device *dev, 362 struct hbm_client_connect_response *rs) 363 { 364 365 struct mei_cl *cl; 366 struct mei_cl_cb *cb_pos = NULL, *cb_next = NULL; 367 368 dev_dbg(&dev->pdev->dev, 369 "connect_response:\n" 370 "ME Client = %d\n" 371 "Host Client = %d\n" 372 "Status = %d\n", 373 rs->me_addr, 374 rs->host_addr, 375 rs->status); 376 377 /* if WD or iamthif client treat specially */ 378 379 if (is_treat_specially_client(&(dev->wd_cl), rs)) { 380 dev_dbg(&dev->pdev->dev, "successfully connected to WD client.\n"); 381 mei_watchdog_register(dev); 382 383 /* next step in the state maching */ 384 mei_host_init_iamthif(dev); 385 return; 386 } 387 388 if (is_treat_specially_client(&(dev->iamthif_cl), rs)) { 389 dev->iamthif_state = MEI_IAMTHIF_IDLE; 390 return; 391 } 392 list_for_each_entry_safe(cb_pos, cb_next, 393 &dev->ctrl_rd_list.mei_cb.cb_list, cb_list) { 394 395 cl = (struct mei_cl *)cb_pos->file_private; 396 if (!cl) { 397 list_del(&cb_pos->cb_list); 398 return; 399 } 400 if (MEI_IOCTL == cb_pos->major_file_operations) { 401 if (is_treat_specially_client(cl, rs)) { 402 list_del(&cb_pos->cb_list); 403 cl->status = 0; 404 cl->timer_count = 0; 405 break; 406 } 407 } 408 } 409 } 410 411 /** 412 * mei_client_disconnect_response - disconnects from response irq routine 413 * 414 * @dev: the device structure 415 * @rs: disconnect response bus message 416 */ 417 static void mei_client_disconnect_response(struct mei_device *dev, 418 struct hbm_client_connect_response *rs) 419 { 420 struct mei_cl *cl; 421 struct mei_cl_cb *cb_pos = NULL, *cb_next = NULL; 422 423 dev_dbg(&dev->pdev->dev, 424 "disconnect_response:\n" 425 "ME Client = %d\n" 426 "Host Client = %d\n" 427 "Status = %d\n", 428 rs->me_addr, 429 rs->host_addr, 430 rs->status); 431 432 list_for_each_entry_safe(cb_pos, cb_next, 433 &dev->ctrl_rd_list.mei_cb.cb_list, cb_list) { 434 cl = (struct mei_cl *)cb_pos->file_private; 435 436 if (!cl) { 437 list_del(&cb_pos->cb_list); 438 return; 439 } 440 441 dev_dbg(&dev->pdev->dev, "list_for_each_entry_safe in ctrl_rd_list.\n"); 442 if (cl->host_client_id == rs->host_addr && 443 cl->me_client_id == rs->me_addr) { 444 445 list_del(&cb_pos->cb_list); 446 if (!rs->status) 447 cl->state = MEI_FILE_DISCONNECTED; 448 449 cl->status = 0; 450 cl->timer_count = 0; 451 break; 452 } 453 } 454 } 455 456 /** 457 * same_flow_addr - tells if they have the same address. 458 * 459 * @file: private data of the file object. 460 * @flow: flow control. 461 * 462 * returns !=0, same; 0,not. 463 */ 464 static int same_flow_addr(struct mei_cl *cl, struct hbm_flow_control *flow) 465 { 466 return (cl->host_client_id == flow->host_addr && 467 cl->me_client_id == flow->me_addr); 468 } 469 470 /** 471 * add_single_flow_creds - adds single buffer credentials. 472 * 473 * @file: private data ot the file object. 474 * @flow: flow control. 475 */ 476 static void add_single_flow_creds(struct mei_device *dev, 477 struct hbm_flow_control *flow) 478 { 479 struct mei_me_client *client; 480 int i; 481 482 for (i = 0; i < dev->me_clients_num; i++) { 483 client = &dev->me_clients[i]; 484 if (client && flow->me_addr == client->client_id) { 485 if (client->props.single_recv_buf) { 486 client->mei_flow_ctrl_creds++; 487 dev_dbg(&dev->pdev->dev, "recv flow ctrl msg ME %d (single).\n", 488 flow->me_addr); 489 dev_dbg(&dev->pdev->dev, "flow control credentials =%d.\n", 490 client->mei_flow_ctrl_creds); 491 } else { 492 BUG(); /* error in flow control */ 493 } 494 } 495 } 496 } 497 498 /** 499 * mei_client_flow_control_response - flow control response irq routine 500 * 501 * @dev: the device structure 502 * @flow_control: flow control response bus message 503 */ 504 static void mei_client_flow_control_response(struct mei_device *dev, 505 struct hbm_flow_control *flow_control) 506 { 507 struct mei_cl *cl_pos = NULL; 508 struct mei_cl *cl_next = NULL; 509 510 if (!flow_control->host_addr) { 511 /* single receive buffer */ 512 add_single_flow_creds(dev, flow_control); 513 } else { 514 /* normal connection */ 515 list_for_each_entry_safe(cl_pos, cl_next, 516 &dev->file_list, link) { 517 dev_dbg(&dev->pdev->dev, "list_for_each_entry_safe in file_list\n"); 518 519 dev_dbg(&dev->pdev->dev, "cl of host client %d ME client %d.\n", 520 cl_pos->host_client_id, 521 cl_pos->me_client_id); 522 dev_dbg(&dev->pdev->dev, "flow ctrl msg for host %d ME %d.\n", 523 flow_control->host_addr, 524 flow_control->me_addr); 525 if (same_flow_addr(cl_pos, flow_control)) { 526 dev_dbg(&dev->pdev->dev, "recv ctrl msg for host %d ME %d.\n", 527 flow_control->host_addr, 528 flow_control->me_addr); 529 cl_pos->mei_flow_ctrl_creds++; 530 dev_dbg(&dev->pdev->dev, "flow control credentials = %d.\n", 531 cl_pos->mei_flow_ctrl_creds); 532 break; 533 } 534 } 535 } 536 } 537 538 /** 539 * same_disconn_addr - tells if they have the same address 540 * 541 * @file: private data of the file object. 542 * @disconn: disconnection request. 543 * 544 * returns !=0, same; 0,not. 545 */ 546 static int same_disconn_addr(struct mei_cl *cl, 547 struct hbm_client_disconnect_request *disconn) 548 { 549 return (cl->host_client_id == disconn->host_addr && 550 cl->me_client_id == disconn->me_addr); 551 } 552 553 /** 554 * mei_client_disconnect_request - disconnects from request irq routine 555 * 556 * @dev: the device structure. 557 * @disconnect_req: disconnect request bus message. 558 */ 559 static void mei_client_disconnect_request(struct mei_device *dev, 560 struct hbm_client_disconnect_request *disconnect_req) 561 { 562 struct mei_msg_hdr *mei_hdr; 563 struct hbm_client_connect_response *disconnect_res; 564 struct mei_cl *cl_pos = NULL; 565 struct mei_cl *cl_next = NULL; 566 567 list_for_each_entry_safe(cl_pos, cl_next, &dev->file_list, link) { 568 if (same_disconn_addr(cl_pos, disconnect_req)) { 569 dev_dbg(&dev->pdev->dev, "disconnect request host client %d ME client %d.\n", 570 disconnect_req->host_addr, 571 disconnect_req->me_addr); 572 cl_pos->state = MEI_FILE_DISCONNECTED; 573 cl_pos->timer_count = 0; 574 if (cl_pos == &dev->wd_cl) 575 dev->wd_pending = false; 576 else if (cl_pos == &dev->iamthif_cl) 577 dev->iamthif_timer = 0; 578 579 /* prepare disconnect response */ 580 mei_hdr = 581 (struct mei_msg_hdr *) &dev->ext_msg_buf[0]; 582 mei_hdr->host_addr = 0; 583 mei_hdr->me_addr = 0; 584 mei_hdr->length = 585 sizeof(struct hbm_client_connect_response); 586 mei_hdr->msg_complete = 1; 587 mei_hdr->reserved = 0; 588 589 disconnect_res = 590 (struct hbm_client_connect_response *) 591 &dev->ext_msg_buf[1]; 592 disconnect_res->host_addr = cl_pos->host_client_id; 593 disconnect_res->me_addr = cl_pos->me_client_id; 594 disconnect_res->hbm_cmd = CLIENT_DISCONNECT_RES_CMD; 595 disconnect_res->status = 0; 596 dev->extra_write_index = 2; 597 break; 598 } 599 } 600 } 601 602 603 /** 604 * mei_irq_thread_read_bus_message - bottom half read routine after ISR to 605 * handle the read bus message cmd processing. 606 * 607 * @dev: the device structure 608 * @mei_hdr: header of bus message 609 */ 610 static void mei_irq_thread_read_bus_message(struct mei_device *dev, 611 struct mei_msg_hdr *mei_hdr) 612 { 613 struct mei_bus_message *mei_msg; 614 struct hbm_host_version_response *version_res; 615 struct hbm_client_connect_response *connect_res; 616 struct hbm_client_connect_response *disconnect_res; 617 struct hbm_flow_control *flow_control; 618 struct hbm_props_response *props_res; 619 struct hbm_host_enum_response *enum_res; 620 struct hbm_client_disconnect_request *disconnect_req; 621 struct hbm_host_stop_request *host_stop_req; 622 int res; 623 624 625 /* read the message to our buffer */ 626 BUG_ON(mei_hdr->length >= sizeof(dev->rd_msg_buf)); 627 mei_read_slots(dev, dev->rd_msg_buf, mei_hdr->length); 628 mei_msg = (struct mei_bus_message *)dev->rd_msg_buf; 629 630 switch (mei_msg->hbm_cmd) { 631 case HOST_START_RES_CMD: 632 version_res = (struct hbm_host_version_response *) mei_msg; 633 if (version_res->host_version_supported) { 634 dev->version.major_version = HBM_MAJOR_VERSION; 635 dev->version.minor_version = HBM_MINOR_VERSION; 636 if (dev->mei_state == MEI_INIT_CLIENTS && 637 dev->init_clients_state == MEI_START_MESSAGE) { 638 dev->init_clients_timer = 0; 639 mei_host_enum_clients_message(dev); 640 } else { 641 dev->recvd_msg = false; 642 dev_dbg(&dev->pdev->dev, "IMEI reset due to received host start response bus message.\n"); 643 mei_reset(dev, 1); 644 return; 645 } 646 } else { 647 dev->version = version_res->me_max_version; 648 /* send stop message */ 649 mei_hdr = (struct mei_msg_hdr *)&dev->wr_msg_buf[0]; 650 mei_hdr->host_addr = 0; 651 mei_hdr->me_addr = 0; 652 mei_hdr->length = sizeof(struct hbm_host_stop_request); 653 mei_hdr->msg_complete = 1; 654 mei_hdr->reserved = 0; 655 656 host_stop_req = (struct hbm_host_stop_request *) 657 &dev->wr_msg_buf[1]; 658 659 memset(host_stop_req, 660 0, 661 sizeof(struct hbm_host_stop_request)); 662 host_stop_req->hbm_cmd = HOST_STOP_REQ_CMD; 663 host_stop_req->reason = DRIVER_STOP_REQUEST; 664 mei_write_message(dev, mei_hdr, 665 (unsigned char *) (host_stop_req), 666 mei_hdr->length); 667 dev_dbg(&dev->pdev->dev, "version mismatch.\n"); 668 return; 669 } 670 671 dev->recvd_msg = true; 672 dev_dbg(&dev->pdev->dev, "host start response message received.\n"); 673 break; 674 675 case CLIENT_CONNECT_RES_CMD: 676 connect_res = 677 (struct hbm_client_connect_response *) mei_msg; 678 mei_client_connect_response(dev, connect_res); 679 dev_dbg(&dev->pdev->dev, "client connect response message received.\n"); 680 wake_up(&dev->wait_recvd_msg); 681 break; 682 683 case CLIENT_DISCONNECT_RES_CMD: 684 disconnect_res = 685 (struct hbm_client_connect_response *) mei_msg; 686 mei_client_disconnect_response(dev, disconnect_res); 687 dev_dbg(&dev->pdev->dev, "client disconnect response message received.\n"); 688 wake_up(&dev->wait_recvd_msg); 689 break; 690 691 case MEI_FLOW_CONTROL_CMD: 692 flow_control = (struct hbm_flow_control *) mei_msg; 693 mei_client_flow_control_response(dev, flow_control); 694 dev_dbg(&dev->pdev->dev, "client flow control response message received.\n"); 695 break; 696 697 case HOST_CLIENT_PROPERTIES_RES_CMD: 698 props_res = (struct hbm_props_response *)mei_msg; 699 if (props_res->status || !dev->me_clients) { 700 dev_dbg(&dev->pdev->dev, "reset due to received host client properties response bus message wrong status.\n"); 701 mei_reset(dev, 1); 702 return; 703 } 704 if (dev->me_clients[dev->me_client_presentation_num] 705 .client_id == props_res->address) { 706 707 dev->me_clients[dev->me_client_presentation_num].props 708 = props_res->client_properties; 709 710 if (dev->mei_state == MEI_INIT_CLIENTS && 711 dev->init_clients_state == 712 MEI_CLIENT_PROPERTIES_MESSAGE) { 713 dev->me_client_index++; 714 dev->me_client_presentation_num++; 715 716 /** Send Client Properties request **/ 717 res = mei_host_client_properties(dev); 718 if (res < 0) { 719 dev_dbg(&dev->pdev->dev, "mei_host_client_properties() failed"); 720 return; 721 } else if (!res) { 722 /* 723 * No more clients to send to. 724 * Clear Map for indicating now ME clients 725 * with associated host client 726 */ 727 bitmap_zero(dev->host_clients_map, MEI_CLIENTS_MAX); 728 dev->open_handle_count = 0; 729 730 /* 731 * Reserving the first three client IDs 732 * Client Id 0 - Reserved for MEI Bus Message communications 733 * Client Id 1 - Reserved for Watchdog 734 * Client ID 2 - Reserved for AMTHI 735 */ 736 bitmap_set(dev->host_clients_map, 0, 3); 737 dev->mei_state = MEI_ENABLED; 738 739 /* if wd initialization fails, initialization the AMTHI client, 740 * otherwise the AMTHI client will be initialized after the WD client connect response 741 * will be received 742 */ 743 if (mei_wd_host_init(dev)) 744 mei_host_init_iamthif(dev); 745 } 746 747 } else { 748 dev_dbg(&dev->pdev->dev, "reset due to received host client properties response bus message"); 749 mei_reset(dev, 1); 750 return; 751 } 752 } else { 753 dev_dbg(&dev->pdev->dev, "reset due to received host client properties response bus message for wrong client ID\n"); 754 mei_reset(dev, 1); 755 return; 756 } 757 break; 758 759 case HOST_ENUM_RES_CMD: 760 enum_res = (struct hbm_host_enum_response *) mei_msg; 761 memcpy(dev->me_clients_map, enum_res->valid_addresses, 32); 762 if (dev->mei_state == MEI_INIT_CLIENTS && 763 dev->init_clients_state == MEI_ENUM_CLIENTS_MESSAGE) { 764 dev->init_clients_timer = 0; 765 dev->me_client_presentation_num = 0; 766 dev->me_client_index = 0; 767 mei_allocate_me_clients_storage(dev); 768 dev->init_clients_state = 769 MEI_CLIENT_PROPERTIES_MESSAGE; 770 mei_host_client_properties(dev); 771 } else { 772 dev_dbg(&dev->pdev->dev, "reset due to received host enumeration clients response bus message.\n"); 773 mei_reset(dev, 1); 774 return; 775 } 776 break; 777 778 case HOST_STOP_RES_CMD: 779 dev->mei_state = MEI_DISABLED; 780 dev_dbg(&dev->pdev->dev, "resetting because of FW stop response.\n"); 781 mei_reset(dev, 1); 782 break; 783 784 case CLIENT_DISCONNECT_REQ_CMD: 785 /* search for client */ 786 disconnect_req = 787 (struct hbm_client_disconnect_request *) mei_msg; 788 mei_client_disconnect_request(dev, disconnect_req); 789 break; 790 791 case ME_STOP_REQ_CMD: 792 /* prepare stop request */ 793 mei_hdr = (struct mei_msg_hdr *) &dev->ext_msg_buf[0]; 794 mei_hdr->host_addr = 0; 795 mei_hdr->me_addr = 0; 796 mei_hdr->length = sizeof(struct hbm_host_stop_request); 797 mei_hdr->msg_complete = 1; 798 mei_hdr->reserved = 0; 799 host_stop_req = 800 (struct hbm_host_stop_request *) &dev->ext_msg_buf[1]; 801 memset(host_stop_req, 0, sizeof(struct hbm_host_stop_request)); 802 host_stop_req->hbm_cmd = HOST_STOP_REQ_CMD; 803 host_stop_req->reason = DRIVER_STOP_REQUEST; 804 host_stop_req->reserved[0] = 0; 805 host_stop_req->reserved[1] = 0; 806 dev->extra_write_index = 2; 807 break; 808 809 default: 810 BUG(); 811 break; 812 813 } 814 } 815 816 817 /** 818 * _mei_hb_read - processes read related operation. 819 * 820 * @dev: the device structure. 821 * @slots: free slots. 822 * @cb_pos: callback block. 823 * @cl: private data of the file object. 824 * @cmpl_list: complete list. 825 * 826 * returns 0, OK; otherwise, error. 827 */ 828 static int _mei_irq_thread_read(struct mei_device *dev, s32 *slots, 829 struct mei_cl_cb *cb_pos, 830 struct mei_cl *cl, 831 struct mei_io_list *cmpl_list) 832 { 833 if ((*slots * sizeof(u32)) < (sizeof(struct mei_msg_hdr) + 834 sizeof(struct hbm_flow_control))) { 835 /* return the cancel routine */ 836 list_del(&cb_pos->cb_list); 837 return -EBADMSG; 838 } 839 840 *slots -= mei_data2slots(sizeof(struct hbm_flow_control)); 841 842 if (mei_send_flow_control(dev, cl)) { 843 cl->status = -ENODEV; 844 cb_pos->information = 0; 845 list_move_tail(&cb_pos->cb_list, &cmpl_list->mei_cb.cb_list); 846 return -ENODEV; 847 } 848 list_move_tail(&cb_pos->cb_list, &dev->read_list.mei_cb.cb_list); 849 850 return 0; 851 } 852 853 854 /** 855 * _mei_irq_thread_ioctl - processes ioctl related operation. 856 * 857 * @dev: the device structure. 858 * @slots: free slots. 859 * @cb_pos: callback block. 860 * @cl: private data of the file object. 861 * @cmpl_list: complete list. 862 * 863 * returns 0, OK; otherwise, error. 864 */ 865 static int _mei_irq_thread_ioctl(struct mei_device *dev, s32 *slots, 866 struct mei_cl_cb *cb_pos, 867 struct mei_cl *cl, 868 struct mei_io_list *cmpl_list) 869 { 870 if ((*slots * sizeof(u32)) < (sizeof(struct mei_msg_hdr) + 871 sizeof(struct hbm_client_connect_request))) { 872 /* return the cancel routine */ 873 list_del(&cb_pos->cb_list); 874 return -EBADMSG; 875 } 876 877 cl->state = MEI_FILE_CONNECTING; 878 *slots -= mei_data2slots(sizeof(struct hbm_client_connect_request)); 879 if (mei_connect(dev, cl)) { 880 cl->status = -ENODEV; 881 cb_pos->information = 0; 882 list_del(&cb_pos->cb_list); 883 return -ENODEV; 884 } else { 885 list_move_tail(&cb_pos->cb_list, 886 &dev->ctrl_rd_list.mei_cb.cb_list); 887 cl->timer_count = MEI_CONNECT_TIMEOUT; 888 } 889 return 0; 890 } 891 892 /** 893 * _mei_irq_thread_cmpl - processes completed and no-iamthif operation. 894 * 895 * @dev: the device structure. 896 * @slots: free slots. 897 * @cb_pos: callback block. 898 * @cl: private data of the file object. 899 * @cmpl_list: complete list. 900 * 901 * returns 0, OK; otherwise, error. 902 */ 903 static int _mei_irq_thread_cmpl(struct mei_device *dev, s32 *slots, 904 struct mei_cl_cb *cb_pos, 905 struct mei_cl *cl, 906 struct mei_io_list *cmpl_list) 907 { 908 struct mei_msg_hdr *mei_hdr; 909 910 if ((*slots * sizeof(u32)) >= (sizeof(struct mei_msg_hdr) + 911 (cb_pos->request_buffer.size - 912 cb_pos->information))) { 913 mei_hdr = (struct mei_msg_hdr *) &dev->wr_msg_buf[0]; 914 mei_hdr->host_addr = cl->host_client_id; 915 mei_hdr->me_addr = cl->me_client_id; 916 mei_hdr->length = cb_pos->request_buffer.size - 917 cb_pos->information; 918 mei_hdr->msg_complete = 1; 919 mei_hdr->reserved = 0; 920 dev_dbg(&dev->pdev->dev, "cb_pos->request_buffer.size =%d" 921 "mei_hdr->msg_complete = %d\n", 922 cb_pos->request_buffer.size, 923 mei_hdr->msg_complete); 924 dev_dbg(&dev->pdev->dev, "cb_pos->information =%lu\n", 925 cb_pos->information); 926 dev_dbg(&dev->pdev->dev, "mei_hdr->length =%d\n", 927 mei_hdr->length); 928 *slots -= mei_data2slots(mei_hdr->length); 929 if (mei_write_message(dev, mei_hdr, 930 (unsigned char *) 931 (cb_pos->request_buffer.data + 932 cb_pos->information), 933 mei_hdr->length)) { 934 cl->status = -ENODEV; 935 list_move_tail(&cb_pos->cb_list, 936 &cmpl_list->mei_cb.cb_list); 937 return -ENODEV; 938 } else { 939 if (mei_flow_ctrl_reduce(dev, cl)) 940 return -ENODEV; 941 cl->status = 0; 942 cb_pos->information += mei_hdr->length; 943 list_move_tail(&cb_pos->cb_list, 944 &dev->write_waiting_list.mei_cb.cb_list); 945 } 946 } else if (*slots == dev->hbuf_depth) { 947 /* buffer is still empty */ 948 mei_hdr = (struct mei_msg_hdr *) &dev->wr_msg_buf[0]; 949 mei_hdr->host_addr = cl->host_client_id; 950 mei_hdr->me_addr = cl->me_client_id; 951 mei_hdr->length = 952 (*slots * sizeof(u32)) - sizeof(struct mei_msg_hdr); 953 mei_hdr->msg_complete = 0; 954 mei_hdr->reserved = 0; 955 *slots -= mei_data2slots(mei_hdr->length); 956 if (mei_write_message(dev, mei_hdr, 957 (unsigned char *) 958 (cb_pos->request_buffer.data + 959 cb_pos->information), 960 mei_hdr->length)) { 961 cl->status = -ENODEV; 962 list_move_tail(&cb_pos->cb_list, 963 &cmpl_list->mei_cb.cb_list); 964 return -ENODEV; 965 } else { 966 cb_pos->information += mei_hdr->length; 967 dev_dbg(&dev->pdev->dev, 968 "cb_pos->request_buffer.size =%d" 969 " mei_hdr->msg_complete = %d\n", 970 cb_pos->request_buffer.size, 971 mei_hdr->msg_complete); 972 dev_dbg(&dev->pdev->dev, "cb_pos->information =%lu\n", 973 cb_pos->information); 974 dev_dbg(&dev->pdev->dev, "mei_hdr->length =%d\n", 975 mei_hdr->length); 976 } 977 return -EMSGSIZE; 978 } else { 979 return -EBADMSG; 980 } 981 982 return 0; 983 } 984 985 /** 986 * _mei_irq_thread_cmpl_iamthif - processes completed iamthif operation. 987 * 988 * @dev: the device structure. 989 * @slots: free slots. 990 * @cb_pos: callback block. 991 * @cl: private data of the file object. 992 * @cmpl_list: complete list. 993 * 994 * returns 0, OK; otherwise, error. 995 */ 996 static int _mei_irq_thread_cmpl_iamthif(struct mei_device *dev, s32 *slots, 997 struct mei_cl_cb *cb_pos, 998 struct mei_cl *cl, 999 struct mei_io_list *cmpl_list) 1000 { 1001 struct mei_msg_hdr *mei_hdr; 1002 1003 if ((*slots * sizeof(u32)) >= (sizeof(struct mei_msg_hdr) + 1004 dev->iamthif_msg_buf_size - 1005 dev->iamthif_msg_buf_index)) { 1006 mei_hdr = (struct mei_msg_hdr *) &dev->wr_msg_buf[0]; 1007 mei_hdr->host_addr = cl->host_client_id; 1008 mei_hdr->me_addr = cl->me_client_id; 1009 mei_hdr->length = dev->iamthif_msg_buf_size - 1010 dev->iamthif_msg_buf_index; 1011 mei_hdr->msg_complete = 1; 1012 mei_hdr->reserved = 0; 1013 1014 *slots -= mei_data2slots(mei_hdr->length); 1015 1016 if (mei_write_message(dev, mei_hdr, 1017 (dev->iamthif_msg_buf + 1018 dev->iamthif_msg_buf_index), 1019 mei_hdr->length)) { 1020 dev->iamthif_state = MEI_IAMTHIF_IDLE; 1021 cl->status = -ENODEV; 1022 list_del(&cb_pos->cb_list); 1023 return -ENODEV; 1024 } else { 1025 if (mei_flow_ctrl_reduce(dev, cl)) 1026 return -ENODEV; 1027 dev->iamthif_msg_buf_index += mei_hdr->length; 1028 cb_pos->information = dev->iamthif_msg_buf_index; 1029 cl->status = 0; 1030 dev->iamthif_state = MEI_IAMTHIF_FLOW_CONTROL; 1031 dev->iamthif_flow_control_pending = true; 1032 /* save iamthif cb sent to amthi client */ 1033 dev->iamthif_current_cb = cb_pos; 1034 list_move_tail(&cb_pos->cb_list, 1035 &dev->write_waiting_list.mei_cb.cb_list); 1036 1037 } 1038 } else if (*slots == dev->hbuf_depth) { 1039 /* buffer is still empty */ 1040 mei_hdr = (struct mei_msg_hdr *) &dev->wr_msg_buf[0]; 1041 mei_hdr->host_addr = cl->host_client_id; 1042 mei_hdr->me_addr = cl->me_client_id; 1043 mei_hdr->length = 1044 (*slots * sizeof(u32)) - sizeof(struct mei_msg_hdr); 1045 mei_hdr->msg_complete = 0; 1046 mei_hdr->reserved = 0; 1047 1048 *slots -= mei_data2slots(mei_hdr->length); 1049 1050 if (mei_write_message(dev, mei_hdr, 1051 (dev->iamthif_msg_buf + 1052 dev->iamthif_msg_buf_index), 1053 mei_hdr->length)) { 1054 cl->status = -ENODEV; 1055 list_del(&cb_pos->cb_list); 1056 } else { 1057 dev->iamthif_msg_buf_index += mei_hdr->length; 1058 } 1059 return -EMSGSIZE; 1060 } else { 1061 return -EBADMSG; 1062 } 1063 1064 return 0; 1065 } 1066 1067 /** 1068 * mei_irq_thread_read_handler - bottom half read routine after ISR to 1069 * handle the read processing. 1070 * 1071 * @cmpl_list: An instance of our list structure 1072 * @dev: the device structure 1073 * @slots: slots to read. 1074 * 1075 * returns 0 on success, <0 on failure. 1076 */ 1077 static int mei_irq_thread_read_handler(struct mei_io_list *cmpl_list, 1078 struct mei_device *dev, 1079 s32 *slots) 1080 { 1081 struct mei_msg_hdr *mei_hdr; 1082 struct mei_cl *cl_pos = NULL; 1083 struct mei_cl *cl_next = NULL; 1084 int ret = 0; 1085 1086 if (!dev->rd_msg_hdr) { 1087 dev->rd_msg_hdr = mei_mecbrw_read(dev); 1088 dev_dbg(&dev->pdev->dev, "slots =%08x.\n", *slots); 1089 (*slots)--; 1090 dev_dbg(&dev->pdev->dev, "slots =%08x.\n", *slots); 1091 } 1092 mei_hdr = (struct mei_msg_hdr *) &dev->rd_msg_hdr; 1093 dev_dbg(&dev->pdev->dev, "mei_hdr->length =%d\n", mei_hdr->length); 1094 1095 if (mei_hdr->reserved || !dev->rd_msg_hdr) { 1096 dev_dbg(&dev->pdev->dev, "corrupted message header.\n"); 1097 ret = -EBADMSG; 1098 goto end; 1099 } 1100 1101 if (mei_hdr->host_addr || mei_hdr->me_addr) { 1102 list_for_each_entry_safe(cl_pos, cl_next, 1103 &dev->file_list, link) { 1104 dev_dbg(&dev->pdev->dev, 1105 "list_for_each_entry_safe read host" 1106 " client = %d, ME client = %d\n", 1107 cl_pos->host_client_id, 1108 cl_pos->me_client_id); 1109 if (cl_pos->host_client_id == mei_hdr->host_addr && 1110 cl_pos->me_client_id == mei_hdr->me_addr) 1111 break; 1112 } 1113 1114 if (&cl_pos->link == &dev->file_list) { 1115 dev_dbg(&dev->pdev->dev, "corrupted message header\n"); 1116 ret = -EBADMSG; 1117 goto end; 1118 } 1119 } 1120 if (((*slots) * sizeof(u32)) < mei_hdr->length) { 1121 dev_dbg(&dev->pdev->dev, 1122 "we can't read the message slots =%08x.\n", 1123 *slots); 1124 /* we can't read the message */ 1125 ret = -ERANGE; 1126 goto end; 1127 } 1128 1129 /* decide where to read the message too */ 1130 if (!mei_hdr->host_addr) { 1131 dev_dbg(&dev->pdev->dev, "call mei_irq_thread_read_bus_message.\n"); 1132 mei_irq_thread_read_bus_message(dev, mei_hdr); 1133 dev_dbg(&dev->pdev->dev, "end mei_irq_thread_read_bus_message.\n"); 1134 } else if (mei_hdr->host_addr == dev->iamthif_cl.host_client_id && 1135 (MEI_FILE_CONNECTED == dev->iamthif_cl.state) && 1136 (dev->iamthif_state == MEI_IAMTHIF_READING)) { 1137 dev_dbg(&dev->pdev->dev, "call mei_irq_thread_read_iamthif_message.\n"); 1138 dev_dbg(&dev->pdev->dev, "mei_hdr->length =%d\n", 1139 mei_hdr->length); 1140 ret = mei_irq_thread_read_amthi_message(cmpl_list, 1141 dev, mei_hdr); 1142 if (ret) 1143 goto end; 1144 1145 } else { 1146 dev_dbg(&dev->pdev->dev, "call mei_irq_thread_read_client_message.\n"); 1147 ret = mei_irq_thread_read_client_message(cmpl_list, 1148 dev, mei_hdr); 1149 if (ret) 1150 goto end; 1151 1152 } 1153 1154 /* reset the number of slots and header */ 1155 *slots = mei_count_full_read_slots(dev); 1156 dev->rd_msg_hdr = 0; 1157 1158 if (*slots == -EOVERFLOW) { 1159 /* overflow - reset */ 1160 dev_dbg(&dev->pdev->dev, "resetting due to slots overflow.\n"); 1161 /* set the event since message has been read */ 1162 ret = -ERANGE; 1163 goto end; 1164 } 1165 end: 1166 return ret; 1167 } 1168 1169 1170 /** 1171 * mei_irq_thread_write_handler - bottom half write routine after 1172 * ISR to handle the write processing. 1173 * 1174 * @cmpl_list: An instance of our list structure 1175 * @dev: the device structure 1176 * @slots: slots to write. 1177 * 1178 * returns 0 on success, <0 on failure. 1179 */ 1180 static int mei_irq_thread_write_handler(struct mei_io_list *cmpl_list, 1181 struct mei_device *dev, 1182 s32 *slots) 1183 { 1184 1185 struct mei_cl *cl; 1186 struct mei_cl_cb *pos = NULL, *next = NULL; 1187 struct mei_io_list *list; 1188 int ret; 1189 1190 if (!mei_hbuf_is_empty(dev)) { 1191 dev_dbg(&dev->pdev->dev, "host buffer is not empty.\n"); 1192 return 0; 1193 } 1194 *slots = mei_hbuf_empty_slots(dev); 1195 if (*slots <= 0) 1196 return -EMSGSIZE; 1197 1198 /* complete all waiting for write CB */ 1199 dev_dbg(&dev->pdev->dev, "complete all waiting for write cb.\n"); 1200 1201 list = &dev->write_waiting_list; 1202 list_for_each_entry_safe(pos, next, &list->mei_cb.cb_list, cb_list) { 1203 cl = (struct mei_cl *)pos->file_private; 1204 if (cl == NULL) 1205 continue; 1206 1207 cl->status = 0; 1208 list_del(&pos->cb_list); 1209 if (MEI_WRITING == cl->writing_state && 1210 (pos->major_file_operations == MEI_WRITE) && 1211 (cl != &dev->iamthif_cl)) { 1212 dev_dbg(&dev->pdev->dev, "MEI WRITE COMPLETE\n"); 1213 cl->writing_state = MEI_WRITE_COMPLETE; 1214 list_add_tail(&pos->cb_list, 1215 &cmpl_list->mei_cb.cb_list); 1216 } 1217 if (cl == &dev->iamthif_cl) { 1218 dev_dbg(&dev->pdev->dev, "check iamthif flow control.\n"); 1219 if (dev->iamthif_flow_control_pending) { 1220 ret = _mei_irq_thread_iamthif_read(dev, slots); 1221 if (ret) 1222 return ret; 1223 } 1224 } 1225 } 1226 1227 if (dev->stop && !dev->wd_pending) { 1228 dev->wd_stopped = true; 1229 wake_up_interruptible(&dev->wait_stop_wd); 1230 return 0; 1231 } 1232 1233 if (dev->extra_write_index) { 1234 dev_dbg(&dev->pdev->dev, "extra_write_index =%d.\n", 1235 dev->extra_write_index); 1236 mei_write_message(dev, 1237 (struct mei_msg_hdr *) &dev->ext_msg_buf[0], 1238 (unsigned char *) &dev->ext_msg_buf[1], 1239 (dev->extra_write_index - 1) * sizeof(u32)); 1240 *slots -= dev->extra_write_index; 1241 dev->extra_write_index = 0; 1242 } 1243 if (dev->mei_state == MEI_ENABLED) { 1244 if (dev->wd_pending && 1245 mei_flow_ctrl_creds(dev, &dev->wd_cl) > 0) { 1246 if (mei_wd_send(dev)) 1247 dev_dbg(&dev->pdev->dev, "wd send failed.\n"); 1248 else if (mei_flow_ctrl_reduce(dev, &dev->wd_cl)) 1249 return -ENODEV; 1250 1251 dev->wd_pending = false; 1252 1253 if (dev->wd_timeout) 1254 *slots -= mei_data2slots(MEI_START_WD_DATA_SIZE); 1255 else 1256 *slots -= mei_data2slots(MEI_WD_PARAMS_SIZE); 1257 } 1258 } 1259 if (dev->stop) 1260 return -ENODEV; 1261 1262 /* complete control write list CB */ 1263 dev_dbg(&dev->pdev->dev, "complete control write list cb.\n"); 1264 list_for_each_entry_safe(pos, next, 1265 &dev->ctrl_wr_list.mei_cb.cb_list, cb_list) { 1266 cl = (struct mei_cl *) pos->file_private; 1267 if (!cl) { 1268 list_del(&pos->cb_list); 1269 return -ENODEV; 1270 } 1271 switch (pos->major_file_operations) { 1272 case MEI_CLOSE: 1273 /* send disconnect message */ 1274 ret = _mei_irq_thread_close(dev, slots, pos, cl, cmpl_list); 1275 if (ret) 1276 return ret; 1277 1278 break; 1279 case MEI_READ: 1280 /* send flow control message */ 1281 ret = _mei_irq_thread_read(dev, slots, pos, cl, cmpl_list); 1282 if (ret) 1283 return ret; 1284 1285 break; 1286 case MEI_IOCTL: 1287 /* connect message */ 1288 if (mei_other_client_is_connecting(dev, cl)) 1289 continue; 1290 ret = _mei_irq_thread_ioctl(dev, slots, pos, cl, cmpl_list); 1291 if (ret) 1292 return ret; 1293 1294 break; 1295 1296 default: 1297 BUG(); 1298 } 1299 1300 } 1301 /* complete write list CB */ 1302 dev_dbg(&dev->pdev->dev, "complete write list cb.\n"); 1303 list_for_each_entry_safe(pos, next, 1304 &dev->write_list.mei_cb.cb_list, cb_list) { 1305 cl = (struct mei_cl *)pos->file_private; 1306 if (cl == NULL) 1307 continue; 1308 1309 if (cl != &dev->iamthif_cl) { 1310 if (mei_flow_ctrl_creds(dev, cl) <= 0) { 1311 dev_dbg(&dev->pdev->dev, 1312 "No flow control credentials for client %d, not sending.\n", 1313 cl->host_client_id); 1314 continue; 1315 } 1316 ret = _mei_irq_thread_cmpl(dev, slots, pos, 1317 cl, cmpl_list); 1318 if (ret) 1319 return ret; 1320 1321 } else if (cl == &dev->iamthif_cl) { 1322 /* IAMTHIF IOCTL */ 1323 dev_dbg(&dev->pdev->dev, "complete amthi write cb.\n"); 1324 if (mei_flow_ctrl_creds(dev, cl) <= 0) { 1325 dev_dbg(&dev->pdev->dev, 1326 "No flow control credentials for amthi client %d.\n", 1327 cl->host_client_id); 1328 continue; 1329 } 1330 ret = _mei_irq_thread_cmpl_iamthif(dev, slots, pos, 1331 cl, cmpl_list); 1332 if (ret) 1333 return ret; 1334 1335 } 1336 1337 } 1338 return 0; 1339 } 1340 1341 1342 1343 /** 1344 * mei_timer - timer function. 1345 * 1346 * @work: pointer to the work_struct structure 1347 * 1348 * NOTE: This function is called by timer interrupt work 1349 */ 1350 void mei_timer(struct work_struct *work) 1351 { 1352 unsigned long timeout; 1353 struct mei_cl *cl_pos = NULL; 1354 struct mei_cl *cl_next = NULL; 1355 struct list_head *amthi_complete_list = NULL; 1356 struct mei_cl_cb *cb_pos = NULL; 1357 struct mei_cl_cb *cb_next = NULL; 1358 1359 struct mei_device *dev = container_of(work, 1360 struct mei_device, timer_work.work); 1361 1362 1363 mutex_lock(&dev->device_lock); 1364 if (dev->mei_state != MEI_ENABLED) { 1365 if (dev->mei_state == MEI_INIT_CLIENTS) { 1366 if (dev->init_clients_timer) { 1367 if (--dev->init_clients_timer == 0) { 1368 dev_dbg(&dev->pdev->dev, "IMEI reset due to init clients timeout ,init clients state = %d.\n", 1369 dev->init_clients_state); 1370 mei_reset(dev, 1); 1371 } 1372 } 1373 } 1374 goto out; 1375 } 1376 /*** connect/disconnect timeouts ***/ 1377 list_for_each_entry_safe(cl_pos, cl_next, &dev->file_list, link) { 1378 if (cl_pos->timer_count) { 1379 if (--cl_pos->timer_count == 0) { 1380 dev_dbg(&dev->pdev->dev, "HECI reset due to connect/disconnect timeout.\n"); 1381 mei_reset(dev, 1); 1382 goto out; 1383 } 1384 } 1385 } 1386 1387 if (dev->iamthif_stall_timer) { 1388 if (--dev->iamthif_stall_timer == 0) { 1389 dev_dbg(&dev->pdev->dev, "resetting because of hang to amthi.\n"); 1390 mei_reset(dev, 1); 1391 dev->iamthif_msg_buf_size = 0; 1392 dev->iamthif_msg_buf_index = 0; 1393 dev->iamthif_canceled = false; 1394 dev->iamthif_ioctl = true; 1395 dev->iamthif_state = MEI_IAMTHIF_IDLE; 1396 dev->iamthif_timer = 0; 1397 1398 if (dev->iamthif_current_cb) 1399 mei_free_cb_private(dev->iamthif_current_cb); 1400 1401 dev->iamthif_file_object = NULL; 1402 dev->iamthif_current_cb = NULL; 1403 mei_run_next_iamthif_cmd(dev); 1404 } 1405 } 1406 1407 if (dev->iamthif_timer) { 1408 1409 timeout = dev->iamthif_timer + 1410 msecs_to_jiffies(IAMTHIF_READ_TIMER); 1411 1412 dev_dbg(&dev->pdev->dev, "dev->iamthif_timer = %ld\n", 1413 dev->iamthif_timer); 1414 dev_dbg(&dev->pdev->dev, "timeout = %ld\n", timeout); 1415 dev_dbg(&dev->pdev->dev, "jiffies = %ld\n", jiffies); 1416 if (time_after(jiffies, timeout)) { 1417 /* 1418 * User didn't read the AMTHI data on time (15sec) 1419 * freeing AMTHI for other requests 1420 */ 1421 1422 dev_dbg(&dev->pdev->dev, "freeing AMTHI for other requests\n"); 1423 1424 amthi_complete_list = &dev->amthi_read_complete_list. 1425 mei_cb.cb_list; 1426 1427 list_for_each_entry_safe(cb_pos, cb_next, amthi_complete_list, cb_list) { 1428 1429 cl_pos = cb_pos->file_object->private_data; 1430 1431 /* Finding the AMTHI entry. */ 1432 if (cl_pos == &dev->iamthif_cl) 1433 list_del(&cb_pos->cb_list); 1434 } 1435 if (dev->iamthif_current_cb) 1436 mei_free_cb_private(dev->iamthif_current_cb); 1437 1438 dev->iamthif_file_object->private_data = NULL; 1439 dev->iamthif_file_object = NULL; 1440 dev->iamthif_current_cb = NULL; 1441 dev->iamthif_timer = 0; 1442 mei_run_next_iamthif_cmd(dev); 1443 1444 } 1445 } 1446 out: 1447 schedule_delayed_work(&dev->timer_work, 2 * HZ); 1448 mutex_unlock(&dev->device_lock); 1449 } 1450 1451 /** 1452 * mei_interrupt_thread_handler - function called after ISR to handle the interrupt 1453 * processing. 1454 * 1455 * @irq: The irq number 1456 * @dev_id: pointer to the device structure 1457 * 1458 * returns irqreturn_t 1459 * 1460 */ 1461 irqreturn_t mei_interrupt_thread_handler(int irq, void *dev_id) 1462 { 1463 struct mei_device *dev = (struct mei_device *) dev_id; 1464 struct mei_io_list complete_list; 1465 struct mei_cl_cb *cb_pos = NULL, *cb_next = NULL; 1466 struct mei_cl *cl; 1467 s32 slots; 1468 int rets; 1469 bool bus_message_received; 1470 1471 1472 dev_dbg(&dev->pdev->dev, "function called after ISR to handle the interrupt processing.\n"); 1473 /* initialize our complete list */ 1474 mutex_lock(&dev->device_lock); 1475 mei_io_list_init(&complete_list); 1476 dev->host_hw_state = mei_hcsr_read(dev); 1477 1478 /* Ack the interrupt here 1479 * In case of MSI we don't go through the quick handler */ 1480 if (pci_dev_msi_enabled(dev->pdev)) 1481 mei_reg_write(dev, H_CSR, dev->host_hw_state); 1482 1483 dev->me_hw_state = mei_mecsr_read(dev); 1484 1485 /* check if ME wants a reset */ 1486 if ((dev->me_hw_state & ME_RDY_HRA) == 0 && 1487 dev->mei_state != MEI_RESETING && 1488 dev->mei_state != MEI_INITIALIZING) { 1489 dev_dbg(&dev->pdev->dev, "FW not ready.\n"); 1490 mei_reset(dev, 1); 1491 mutex_unlock(&dev->device_lock); 1492 return IRQ_HANDLED; 1493 } 1494 1495 /* check if we need to start the dev */ 1496 if ((dev->host_hw_state & H_RDY) == 0) { 1497 if ((dev->me_hw_state & ME_RDY_HRA) == ME_RDY_HRA) { 1498 dev_dbg(&dev->pdev->dev, "we need to start the dev.\n"); 1499 dev->host_hw_state |= (H_IE | H_IG | H_RDY); 1500 mei_hcsr_set(dev); 1501 dev->mei_state = MEI_INIT_CLIENTS; 1502 dev_dbg(&dev->pdev->dev, "link is established start sending messages.\n"); 1503 /* link is established 1504 * start sending messages. 1505 */ 1506 mei_host_start_message(dev); 1507 mutex_unlock(&dev->device_lock); 1508 return IRQ_HANDLED; 1509 } else { 1510 dev_dbg(&dev->pdev->dev, "FW not ready.\n"); 1511 mutex_unlock(&dev->device_lock); 1512 return IRQ_HANDLED; 1513 } 1514 } 1515 /* check slots available for reading */ 1516 slots = mei_count_full_read_slots(dev); 1517 dev_dbg(&dev->pdev->dev, "slots =%08x extra_write_index =%08x.\n", 1518 slots, dev->extra_write_index); 1519 while (slots > 0 && !dev->extra_write_index) { 1520 dev_dbg(&dev->pdev->dev, "slots =%08x extra_write_index =%08x.\n", 1521 slots, dev->extra_write_index); 1522 dev_dbg(&dev->pdev->dev, "call mei_irq_thread_read_handler.\n"); 1523 rets = mei_irq_thread_read_handler(&complete_list, dev, &slots); 1524 if (rets) 1525 goto end; 1526 } 1527 rets = mei_irq_thread_write_handler(&complete_list, dev, &slots); 1528 end: 1529 dev_dbg(&dev->pdev->dev, "end of bottom half function.\n"); 1530 dev->host_hw_state = mei_hcsr_read(dev); 1531 dev->mei_host_buffer_is_empty = mei_hbuf_is_empty(dev); 1532 1533 bus_message_received = false; 1534 if (dev->recvd_msg && waitqueue_active(&dev->wait_recvd_msg)) { 1535 dev_dbg(&dev->pdev->dev, "received waiting bus message\n"); 1536 bus_message_received = true; 1537 } 1538 mutex_unlock(&dev->device_lock); 1539 if (bus_message_received) { 1540 dev_dbg(&dev->pdev->dev, "wake up dev->wait_recvd_msg\n"); 1541 wake_up_interruptible(&dev->wait_recvd_msg); 1542 bus_message_received = false; 1543 } 1544 if (list_empty(&complete_list.mei_cb.cb_list)) 1545 return IRQ_HANDLED; 1546 1547 1548 list_for_each_entry_safe(cb_pos, cb_next, 1549 &complete_list.mei_cb.cb_list, cb_list) { 1550 cl = (struct mei_cl *)cb_pos->file_private; 1551 list_del(&cb_pos->cb_list); 1552 if (cl) { 1553 if (cl != &dev->iamthif_cl) { 1554 dev_dbg(&dev->pdev->dev, "completing call back.\n"); 1555 _mei_cmpl(cl, cb_pos); 1556 cb_pos = NULL; 1557 } else if (cl == &dev->iamthif_cl) { 1558 _mei_cmpl_iamthif(dev, cb_pos); 1559 } 1560 } 1561 } 1562 return IRQ_HANDLED; 1563 } 1564